成长值: 64300
|
题目不是很完整,答案仅供参考
3 x, c1 m+ ^9 U
/ u+ w5 E* k5 sQuestion 01:1 M9 ?, F3 a( g) I/ M' R. l
Witch access list entry checks for an ACK within a packet header? d$ k" r3 S7 m7 y; |( W* n4 k
A access-list 49 permit ip any any eq 21 tcp-ack7 U0 m9 y. p+ ^: n# J
B access-list 49 permit tcp any any eq 21 tcp-ack! f: g: a: ^# M B* v/ f) r
C access-list 149 permit tcp any any eq 21 established
: m4 k# K- s' XD access-list 49 permit tcp any any eq 21 established/ [# O1 B+ ?4 K/ I6 _8 P
Ans: C
( ~7 x$ Z5 H4 O& z3 e6 d4 k8 ?———————————————————————————
7 _: n0 M X( }3 h; |1 M9 R& pQuestion 02:6 F5 b# c8 \8 D
Which option is one way to mitigate symmetric routing on an active/active firewall setup for TCP-based connections?
: a: y5 |! v! i! g7 a' O; iA performing packet captures
8 B$ J) E$ z% N' M( X7 QB disabling asr-group commands on interfaces that are likely to receive asymetric traffic" u- G5 U% Y6 U! K
C replacing them with redundant routers and allowing load balancing
. r( a! F( x+ f1 MD disabling stateful TCP checks
! d: ?0 i, {2 E g: `: `. wAns: D- [) n* E! F7 n* s c$ L
0 b1 v' t; x8 v: q# [: E2 }# k8 T6 E: n' D. ]
|
|